PasswordServiceClientCredentialFactory.cs
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
using System;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Extensions.Logging;
using Microsoft.Rest;
namespace Microsoft.Bot.Connector.Authentication
{
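/// <summary>
/// A simple implementation of the <see cref="ServiceClientCredentialsFactory"/> base class that is
/// backed by a single app ID and app password.
/// </summary>
/// <remarks>
/// When <see cref="AppId"/> is null or empty, <see cref="IsAuthenticationDisabledAsync"/> reports
/// <c>true</c> and <see cref="CreateCredentialsAsync"/> returns <see cref="MicrosoftAppCredentials.Empty"/>.
/// A host whose app ID configuration is missing therefore reports authentication as disabled rather
/// than failing; validate configuration at startup if that is not the intended behaviour.
/// </remarks>
public class PasswordServiceClientCredentialFactory : ServiceClientCredentialsFactory
{
    // Both fields stay null when the parameterless constructor is used; they are passed through
    // unchanged to the credentials objects created below.
    private readonly HttpClient _httpClient;
    private readonly ILogger _logger;

    /// <summary>
    /// Initializes a new instance of the <see cref="PasswordServiceClientCredentialFactory"/> class
    /// with empty credentials.
    /// </summary>
    /// <remarks>
    /// <see cref="AppId"/> and <see cref="Password"/> are left null, so the factory reports
    /// authentication as disabled until <see cref="AppId"/> is set.
    /// </remarks>
    public PasswordServiceClientCredentialFactory()
    {
    }

    /// <summary>
    /// Initializes a new instance of the <see cref="PasswordServiceClientCredentialFactory"/> class
    /// with the provided credentials.
    /// </summary>
    /// <param name="appId">The app ID.</param>
    /// <param name="password">The app password.</param>
    /// <param name="tenantId">Tenant ID of the Azure AD tenant where the bot is created.</param>
    /// <param name="httpClient">A custom httpClient to use.</param>
    /// <param name="logger">A logger instance to use.</param>
    public PasswordServiceClientCredentialFactory(string appId, string password, string tenantId, HttpClient httpClient, ILogger logger)
    {
        AppId = appId;
        Password = password;
        TenantId = tenantId;
        _httpClient = httpClient;
        _logger = logger;
    }

    /// <summary>
    /// Gets or sets the app ID for this credential.
    /// </summary>
    /// <value>
    /// The app ID for this credential.
    /// </value>
    public string AppId { get; set; }

    /// <summary>
    /// Gets or sets the app password for this credential.
    /// </summary>
    /// <value>
    /// The app password for this credential.
    /// </value>
    /// <remarks>
    /// The secret is held as a plain string and is publicly readable and writable on this object,
    /// so instances should not be logged or serialized.
    /// </remarks>
    public string Password { get; set; }

    /// <summary>
    /// Gets the Tenant ID of the Azure AD tenant where the bot is created.
    /// </summary>
    /// <value>
    /// The Tenant ID of the Azure AD tenant where the bot is created.
    /// </value>
    public string TenantId { get; }

    /// <inheritdoc/>
    /// <remarks>
    /// The comparison is an exact, case-sensitive string match against <see cref="AppId"/>.
    /// </remarks>
    public override Task<bool> IsValidAppIdAsync(string appId, CancellationToken cancellationToken)
    {
        return Task.FromResult(appId == AppId);
    }

    /// <inheritdoc/>
    /// <remarks>
    /// Authentication is reported as disabled exactly when <see cref="AppId"/> is null or empty.
    /// </remarks>
    public override Task<bool> IsAuthenticationDisabledAsync(CancellationToken cancellationToken)
    {
        return Task.FromResult(string.IsNullOrEmpty(AppId));
    }

    /// <inheritdoc/>
    /// <remarks>
    /// Returns <see cref="MicrosoftAppCredentials.Empty"/> when <see cref="AppId"/> is null or empty.
    /// Otherwise the credential type is chosen from <paramref name="loginEndpoint"/>: the public
    /// cloud template, the government cloud template, or, for any other value, a private-cloud
    /// credential that uses <paramref name="loginEndpoint"/> and <paramref name="validateAuthority"/>
    /// as supplied by the caller.
    /// </remarks>
    /// <exception cref="InvalidOperationException">
    /// <paramref name="appId"/> does not match <see cref="AppId"/>.
    /// </exception>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="loginEndpoint"/> is null while credentials are configured.
    /// </exception>
    public override Task<ServiceClientCredentials> CreateCredentialsAsync(string appId, string oauthScope, string loginEndpoint, bool validateAuthority, CancellationToken cancellationToken)
    {
        if (string.IsNullOrEmpty(AppId))
        {
            return Task.FromResult<ServiceClientCredentials>(MicrosoftAppCredentials.Empty);
        }

        // The method is not async, so this is thrown synchronously rather than as a faulted task.
        if (appId != AppId)
        {
            throw new InvalidOperationException($"Invalid appId {appId} does not match expected {AppId}");
        }

        // Fail with a descriptive exception instead of a NullReferenceException on Equals below.
        if (loginEndpoint == null)
        {
            throw new ArgumentNullException(nameof(loginEndpoint));
        }

        if (loginEndpoint.Equals(AuthenticationConstants.ToChannelFromBotLoginUrlTemplate, StringComparison.OrdinalIgnoreCase))
        {
            return Task.FromResult<ServiceClientCredentials>(new MicrosoftAppCredentials(
                appId, Password, TenantId, _httpClient, _logger, oauthScope));
        }
        else if (loginEndpoint.Equals(GovernmentAuthenticationConstants.ToChannelFromBotLoginUrlTemplate, StringComparison.OrdinalIgnoreCase))
        {
            return Task.FromResult<ServiceClientCredentials>(new MicrosoftGovernmentAppCredentials(
                appId, Password, TenantId, _httpClient, _logger, oauthScope));
        }
        else
        {
            // Any endpoint that is not one of the two known templates is treated as a private cloud.
            // NOTE(review): presumably the base credentials authenticate with Password against
            // OAuthEndpoint - confirm, and make sure loginEndpoint and validateAuthority come from
            // trusted configuration rather than request data, since validateAuthority == false is
            // passed through unchanged.
            return Task.FromResult<ServiceClientCredentials>(new PrivateCloudAppCredentials(
                appId, Password, TenantId, _httpClient, _logger, oauthScope, loginEndpoint, validateAuthority));
        }
    }

    /// <summary>
    /// App credentials whose OAuth endpoint and authority-validation flag are fixed at construction
    /// time instead of coming from the base class defaults.
    /// </summary>
    private class PrivateCloudAppCredentials : MicrosoftAppCredentials
    {
        private readonly string _oauthEndpoint;
        private readonly bool _validateAuthority;

        /// <summary>
        /// Initializes a new instance of the <see cref="PrivateCloudAppCredentials"/> class with an
        /// empty tenant ID.
        /// </summary>
        public PrivateCloudAppCredentials(string appId, string password, HttpClient customHttpClient, ILogger logger, string oAuthScope, string oauthEndpoint, bool validateAuthority)
            : this(appId, password, tenantId: string.Empty, customHttpClient, logger, oAuthScope, oauthEndpoint, validateAuthority)
        {
        }

        /// <summary>
        /// Initializes a new instance of the <see cref="PrivateCloudAppCredentials"/> class.
        /// </summary>
        /// <param name="appId">The app ID.</param>
        /// <param name="password">The app password.</param>
        /// <param name="tenantId">The tenant ID passed to the base credentials.</param>
        /// <param name="customHttpClient">A custom httpClient to use.</param>
        /// <param name="logger">A logger instance to use.</param>
        /// <param name="oAuthScope">The OAuth scope passed to the base credentials.</param>
        /// <param name="oauthEndpoint">The value returned by <see cref="OAuthEndpoint"/>.</param>
        /// <param name="validateAuthority">The value returned by <see cref="ValidateAuthority"/>.</param>
        public PrivateCloudAppCredentials(string appId, string password, string tenantId, HttpClient customHttpClient, ILogger logger, string oAuthScope, string oauthEndpoint, bool validateAuthority)
            : base(appId, password, tenantId, customHttpClient, logger, oAuthScope)
        {
            _oauthEndpoint = oauthEndpoint;
            _validateAuthority = validateAuthority;
        }

        /// <summary>
        /// Gets the OAuth endpoint supplied at construction.
        /// </summary>
        public override string OAuthEndpoint
        {
            get { return _oauthEndpoint; }
        }

        /// <summary>
        /// Gets a value indicating whether the authority should be validated, as supplied at construction.
        /// </summary>
        public override bool ValidateAuthority
        {
            get { return _validateAuthority; }
        }
    }
}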
}